1 /* 2 * QEMU AHCI Emulation 3 * 4 * Copyright (c) 2010 qiaochong@loongson.cn 5 * Copyright (c) 2010 Roland Elek <elek.roland@gmail.com> 6 * Copyright (c) 2010 Sebastian Herbszt <herbszt@gmx.de> 7 * Copyright (c) 2010 Alexander Graf <agraf@suse.de> 8 * 9 * This library is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU Lesser General Public 11 * License as published by the Free Software Foundation; either 12 * version 2.1 of the License, or (at your option) any later version. 13 * 14 * This library is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 17 * Lesser General Public License for more details. 18 * 19 * You should have received a copy of the GNU Lesser General Public 20 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 21 * 22 */ 23 24 #ifndef HW_IDE_AHCI_INTERNAL_H 25 #define HW_IDE_AHCI_INTERNAL_H 26 27 #include "hw/ide/ahci.h" 28 #include "hw/ide/internal.h" 29 #include "hw/sysbus.h" 30 #include "hw/pci/pci.h" 31 32 #define AHCI_MEM_BAR_SIZE 0x1000 33 #define AHCI_MAX_PORTS 32 34 #define AHCI_MAX_SG 168 /* hardware max is 64K */ 35 #define AHCI_DMA_BOUNDARY 0xffffffff 36 #define AHCI_USE_CLUSTERING 0 37 #define AHCI_MAX_CMDS 32 38 #define AHCI_CMD_SZ 32 39 #define AHCI_CMD_SLOT_SZ (AHCI_MAX_CMDS * AHCI_CMD_SZ) 40 #define AHCI_RX_FIS_SZ 256 41 #define AHCI_CMD_TBL_CDB 0x40 42 #define AHCI_CMD_TBL_HDR_SZ 0x80 43 #define AHCI_CMD_TBL_SZ (AHCI_CMD_TBL_HDR_SZ + (AHCI_MAX_SG * 16)) 44 #define AHCI_CMD_TBL_AR_SZ (AHCI_CMD_TBL_SZ * AHCI_MAX_CMDS) 45 #define AHCI_PORT_PRIV_DMA_SZ (AHCI_CMD_SLOT_SZ + AHCI_CMD_TBL_AR_SZ + \ 46 AHCI_RX_FIS_SZ) 47 48 #define AHCI_IRQ_ON_SG (1U << 31) 49 #define AHCI_CMD_ATAPI (1 << 5) 50 #define AHCI_CMD_WRITE (1 << 6) 51 #define AHCI_CMD_PREFETCH (1 << 7) 52 #define AHCI_CMD_RESET (1 << 8) 53 #define AHCI_CMD_CLR_BUSY (1 << 10) 54 55 #define RX_FIS_D2H_REG 0x40 /* offset of D2H Register FIS data */ 56 #define RX_FIS_SDB 0x58 /* offset of SDB FIS data */ 57 #define RX_FIS_UNK 0x60 /* offset of Unknown FIS data */ 58 59 /* global controller registers */ 60 enum AHCIHostReg { 61 AHCI_HOST_REG_CAP = 0, /* CAP: host capabilities */ 62 AHCI_HOST_REG_CTL = 1, /* GHC: global host control */ 63 AHCI_HOST_REG_IRQ_STAT = 2, /* IS: interrupt status */ 64 AHCI_HOST_REG_PORTS_IMPL = 3, /* PI: bitmap of implemented ports */ 65 AHCI_HOST_REG_VERSION = 4, /* VS: AHCI spec. version compliancy */ 66 AHCI_HOST_REG_CCC_CTL = 5, /* CCC_CTL: CCC Control */ 67 AHCI_HOST_REG_CCC_PORTS = 6, /* CCC_PORTS: CCC Ports */ 68 AHCI_HOST_REG_EM_LOC = 7, /* EM_LOC: Enclosure Mgmt Location */ 69 AHCI_HOST_REG_EM_CTL = 8, /* EM_CTL: Enclosure Mgmt Control */ 70 AHCI_HOST_REG_CAP2 = 9, /* CAP2: host capabilities, extended */ 71 AHCI_HOST_REG_BOHC = 10, /* BOHC: firmare/os handoff ctrl & status */ 72 AHCI_HOST_REG__COUNT = 11 73 }; 74 75 /* HOST_CTL bits */ 76 #define HOST_CTL_RESET (1 << 0) /* reset controller; self-clear */ 77 #define HOST_CTL_IRQ_EN (1 << 1) /* global IRQ enable */ 78 #define HOST_CTL_AHCI_EN (1U << 31) /* AHCI enabled */ 79 80 /* HOST_CAP bits */ 81 #define HOST_CAP_SSC (1 << 14) /* Slumber capable */ 82 #define HOST_CAP_AHCI (1 << 18) /* AHCI only */ 83 #define HOST_CAP_CLO (1 << 24) /* Command List Override support */ 84 #define HOST_CAP_SSS (1 << 27) /* Staggered Spin-up */ 85 #define HOST_CAP_NCQ (1 << 30) /* Native Command Queueing */ 86 #define HOST_CAP_64 (1U << 31) /* PCI DAC (64-bit DMA) support */ 87 88 /* registers for each SATA port */ 89 enum AHCIPortReg { 90 AHCI_PORT_REG_LST_ADDR = 0, /* PxCLB: command list DMA addr */ 91 AHCI_PORT_REG_LST_ADDR_HI = 1, /* PxCLBU: command list DMA addr hi */ 92 AHCI_PORT_REG_FIS_ADDR = 2, /* PxFB: FIS rx buf addr */ 93 AHCI_PORT_REG_FIS_ADDR_HI = 3, /* PxFBU: FIX rx buf addr hi */ 94 AHCI_PORT_REG_IRQ_STAT = 4, /* PxIS: interrupt status */ 95 AHCI_PORT_REG_IRQ_MASK = 5, /* PxIE: interrupt enable/disable mask */ 96 AHCI_PORT_REG_CMD = 6, /* PxCMD: port command */ 97 /* RESERVED */ 98 AHCI_PORT_REG_TFDATA = 8, /* PxTFD: taskfile data */ 99 AHCI_PORT_REG_SIG = 9, /* PxSIG: device TF signature */ 100 AHCI_PORT_REG_SCR_STAT = 10, /* PxSSTS: SATA phy register: SStatus */ 101 AHCI_PORT_REG_SCR_CTL = 11, /* PxSCTL: SATA phy register: SControl */ 102 AHCI_PORT_REG_SCR_ERR = 12, /* PxSERR: SATA phy register: SError */ 103 AHCI_PORT_REG_SCR_ACT = 13, /* PxSACT: SATA phy register: SActive */ 104 AHCI_PORT_REG_CMD_ISSUE = 14, /* PxCI: command issue */ 105 AHCI_PORT_REG_SCR_NOTIF = 15, /* PxSNTF: SATA phy register: SNotification */ 106 AHCI_PORT_REG_FIS_CTL = 16, /* PxFBS: Port multiplier switching ctl */ 107 AHCI_PORT_REG_DEV_SLEEP = 17, /* PxDEVSLP: device sleep control */ 108 /* RESERVED */ 109 AHCI_PORT_REG_VENDOR_1 = 28, /* PxVS: Vendor Specific */ 110 AHCI_PORT_REG_VENDOR_2 = 29, 111 AHCI_PORT_REG_VENDOR_3 = 30, 112 AHCI_PORT_REG_VENDOR_4 = 31, 113 AHCI_PORT_REG__COUNT = 32 114 }; 115 116 /* Port interrupt bit descriptors */ 117 enum AHCIPortIRQ { 118 AHCI_PORT_IRQ_BIT_DHRS = 0, 119 AHCI_PORT_IRQ_BIT_PSS = 1, 120 AHCI_PORT_IRQ_BIT_DSS = 2, 121 AHCI_PORT_IRQ_BIT_SDBS = 3, 122 AHCI_PORT_IRQ_BIT_UFS = 4, 123 AHCI_PORT_IRQ_BIT_DPS = 5, 124 AHCI_PORT_IRQ_BIT_PCS = 6, 125 AHCI_PORT_IRQ_BIT_DMPS = 7, 126 /* RESERVED */ 127 AHCI_PORT_IRQ_BIT_PRCS = 22, 128 AHCI_PORT_IRQ_BIT_IPMS = 23, 129 AHCI_PORT_IRQ_BIT_OFS = 24, 130 /* RESERVED */ 131 AHCI_PORT_IRQ_BIT_INFS = 26, 132 AHCI_PORT_IRQ_BIT_IFS = 27, 133 AHCI_PORT_IRQ_BIT_HBDS = 28, 134 AHCI_PORT_IRQ_BIT_HBFS = 29, 135 AHCI_PORT_IRQ_BIT_TFES = 30, 136 AHCI_PORT_IRQ_BIT_CPDS = 31, 137 AHCI_PORT_IRQ__COUNT = 32 138 }; 139 140 141 /* PORT_IRQ_{STAT,MASK} bits */ 142 #define PORT_IRQ_COLD_PRES (1U << 31) /* cold presence detect */ 143 #define PORT_IRQ_TF_ERR (1 << 30) /* task file error */ 144 #define PORT_IRQ_HBUS_ERR (1 << 29) /* host bus fatal error */ 145 #define PORT_IRQ_HBUS_DATA_ERR (1 << 28) /* host bus data error */ 146 #define PORT_IRQ_IF_ERR (1 << 27) /* interface fatal error */ 147 #define PORT_IRQ_IF_NONFATAL (1 << 26) /* interface non-fatal error */ 148 /* reserved */ 149 #define PORT_IRQ_OVERFLOW (1 << 24) /* xfer exhausted available S/G */ 150 #define PORT_IRQ_BAD_PMP (1 << 23) /* incorrect port multiplier */ 151 #define PORT_IRQ_PHYRDY (1 << 22) /* PhyRdy changed */ 152 /* reserved */ 153 #define PORT_IRQ_DEV_ILCK (1 << 7) /* device interlock */ 154 #define PORT_IRQ_CONNECT (1 << 6) /* port connect change status */ 155 #define PORT_IRQ_SG_DONE (1 << 5) /* descriptor processed */ 156 #define PORT_IRQ_UNK_FIS (1 << 4) /* unknown FIS rx'd */ 157 #define PORT_IRQ_SDB_FIS (1 << 3) /* Set Device Bits FIS rx'd */ 158 #define PORT_IRQ_DMAS_FIS (1 << 2) /* DMA Setup FIS rx'd */ 159 #define PORT_IRQ_PIOS_FIS (1 << 1) /* PIO Setup FIS rx'd */ 160 #define PORT_IRQ_D2H_REG_FIS (1 << 0) /* D2H Register FIS rx'd */ 161 162 #define PORT_IRQ_FREEZE (PORT_IRQ_HBUS_ERR | PORT_IRQ_IF_ERR | \ 163 PORT_IRQ_CONNECT | PORT_IRQ_PHYRDY | \ 164 PORT_IRQ_UNK_FIS) 165 #define PORT_IRQ_ERROR (PORT_IRQ_FREEZE | PORT_IRQ_TF_ERR | \ 166 PORT_IRQ_HBUS_DATA_ERR) 167 #define DEF_PORT_IRQ (PORT_IRQ_ERROR | PORT_IRQ_SG_DONE | \ 168 PORT_IRQ_SDB_FIS | PORT_IRQ_DMAS_FIS | \ 169 PORT_IRQ_PIOS_FIS | PORT_IRQ_D2H_REG_FIS) 170 171 /* PORT_CMD bits */ 172 #define PORT_CMD_ATAPI (1 << 24) /* Device is ATAPI */ 173 #define PORT_CMD_LIST_ON (1 << 15) /* cmd list DMA engine running */ 174 #define PORT_CMD_FIS_ON (1 << 14) /* FIS DMA engine running */ 175 #define PORT_CMD_FIS_RX (1 << 4) /* Enable FIS receive DMA engine */ 176 #define PORT_CMD_CLO (1 << 3) /* Command list override */ 177 #define PORT_CMD_POWER_ON (1 << 2) /* Power up device */ 178 #define PORT_CMD_SPIN_UP (1 << 1) /* Spin up device */ 179 #define PORT_CMD_START (1 << 0) /* Enable port DMA engine */ 180 181 #define PORT_CMD_ICC_MASK (0xfU << 28) /* i/f ICC state mask */ 182 #define PORT_CMD_ICC_ACTIVE (0x1 << 28) /* Put i/f in active state */ 183 #define PORT_CMD_ICC_PARTIAL (0x2 << 28) /* Put i/f in partial state */ 184 #define PORT_CMD_ICC_SLUMBER (0x6 << 28) /* Put i/f in slumber state */ 185 186 #define PORT_CMD_RO_MASK 0x007dffe0 /* Which CMD bits are read only? */ 187 188 /* ap->flags bits */ 189 #define AHCI_FLAG_NO_NCQ (1 << 24) 190 #define AHCI_FLAG_IGN_IRQ_IF_ERR (1 << 25) /* ignore IRQ_IF_ERR */ 191 #define AHCI_FLAG_HONOR_PI (1 << 26) /* honor PORTS_IMPL */ 192 #define AHCI_FLAG_IGN_SERR_INTERNAL (1 << 27) /* ignore SERR_INTERNAL */ 193 #define AHCI_FLAG_32BIT_ONLY (1 << 28) /* force 32bit */ 194 195 #define ATA_SRST (1 << 2) /* software reset */ 196 197 #define STATE_RUN 0 198 #define STATE_RESET 1 199 200 #define SATA_SCR_SSTATUS_DET_NODEV 0x0 201 #define SATA_SCR_SSTATUS_DET_DEV_PRESENT_PHY_UP 0x3 202 203 #define SATA_SCR_SSTATUS_SPD_NODEV 0x00 204 #define SATA_SCR_SSTATUS_SPD_GEN1 0x10 205 206 #define SATA_SCR_SSTATUS_IPM_NODEV 0x000 207 #define SATA_SCR_SSTATUS_IPM_ACTIVE 0X100 208 209 #define AHCI_SCR_SCTL_DET 0xf 210 211 #define SATA_FIS_TYPE_REGISTER_H2D 0x27 212 #define SATA_FIS_REG_H2D_UPDATE_COMMAND_REGISTER 0x80 213 #define SATA_FIS_TYPE_REGISTER_D2H 0x34 214 #define SATA_FIS_TYPE_PIO_SETUP 0x5f 215 #define SATA_FIS_TYPE_SDB 0xA1 216 217 #define AHCI_CMD_HDR_CMD_FIS_LEN 0x1f 218 #define AHCI_CMD_HDR_PRDT_LEN 16 219 220 #define SATA_SIGNATURE_CDROM 0xeb140101 221 #define SATA_SIGNATURE_DISK 0x00000101 222 223 #define AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR 0x2c 224 225 #define AHCI_PORT_REGS_START_ADDR 0x100 226 #define AHCI_PORT_ADDR_OFFSET_MASK 0x7f 227 #define AHCI_PORT_ADDR_OFFSET_LEN 0x80 228 229 #define AHCI_NUM_COMMAND_SLOTS 31 230 #define AHCI_SUPPORTED_SPEED 20 231 #define AHCI_SUPPORTED_SPEED_GEN1 1 232 #define AHCI_VERSION_1_0 0x10000 233 234 #define AHCI_PROGMODE_MAJOR_REV_1 1 235 236 #define AHCI_COMMAND_TABLE_ACMD 0x40 237 238 #define AHCI_PRDT_SIZE_MASK 0x3fffff 239 240 #define IDE_FEATURE_DMA 1 241 242 #define READ_FPDMA_QUEUED 0x60 243 #define WRITE_FPDMA_QUEUED 0x61 244 #define NCQ_NON_DATA 0x63 245 #define RECEIVE_FPDMA_QUEUED 0x65 246 #define SEND_FPDMA_QUEUED 0x64 247 248 #define NCQ_FIS_FUA_MASK 0x80 249 #define NCQ_FIS_RARC_MASK 0x01 250 251 #define RES_FIS_DSFIS 0x00 252 #define RES_FIS_PSFIS 0x20 253 #define RES_FIS_RFIS 0x40 254 #define RES_FIS_SDBFIS 0x58 255 #define RES_FIS_UFIS 0x60 256 257 #define SATA_CAP_SIZE 0x8 258 #define SATA_CAP_REV 0x2 259 #define SATA_CAP_BAR 0x4 260 261 typedef struct AHCIPortRegs { 262 uint32_t lst_addr; 263 uint32_t lst_addr_hi; 264 uint32_t fis_addr; 265 uint32_t fis_addr_hi; 266 uint32_t irq_stat; 267 uint32_t irq_mask; 268 uint32_t cmd; 269 uint32_t unused0; 270 uint32_t tfdata; 271 uint32_t sig; 272 uint32_t scr_stat; 273 uint32_t scr_ctl; 274 uint32_t scr_err; 275 uint32_t scr_act; 276 uint32_t cmd_issue; 277 uint32_t reserved; 278 } AHCIPortRegs; 279 280 typedef struct AHCICmdHdr { 281 uint16_t opts; 282 uint16_t prdtl; 283 uint32_t status; 284 uint64_t tbl_addr; 285 uint32_t reserved[4]; 286 } QEMU_PACKED AHCICmdHdr; 287 288 typedef struct AHCI_SG { 289 uint64_t addr; 290 uint32_t reserved; 291 uint32_t flags_size; 292 } QEMU_PACKED AHCI_SG; 293 294 typedef struct NCQTransferState { 295 AHCIDevice *drive; 296 BlockAIOCB *aiocb; 297 AHCICmdHdr *cmdh; 298 QEMUSGList sglist; 299 BlockAcctCookie acct; 300 uint32_t sector_count; 301 uint64_t lba; 302 uint8_t tag; 303 uint8_t cmd; 304 uint8_t slot; 305 bool used; 306 bool halt; 307 } NCQTransferState; 308 309 struct AHCIDevice { 310 IDEDMA dma; 311 IDEBus port; 312 int port_no; 313 uint32_t port_state; 314 uint32_t finished; 315 AHCIPortRegs port_regs; 316 struct AHCIState *hba; 317 QEMUBH *check_bh; 318 uint8_t *lst; 319 uint8_t *res_fis; 320 bool done_first_drq; 321 int32_t busy_slot; 322 bool init_d2h_sent; 323 AHCICmdHdr *cur_cmd; 324 NCQTransferState ncq_tfs[AHCI_MAX_CMDS]; 325 }; 326 327 struct AHCIPCIState { 328 /*< private >*/ 329 PCIDevice parent_obj; 330 /*< public >*/ 331 332 AHCIState ahci; 333 }; 334 335 extern const VMStateDescription vmstate_ahci; 336 337 #define VMSTATE_AHCI(_field, _state) { \ 338 .name = (stringify(_field)), \ 339 .size = sizeof(AHCIState), \ 340 .vmsd = &vmstate_ahci, \ 341 .flags = VMS_STRUCT, \ 342 .offset = vmstate_offset_value(_state, _field, AHCIState), \ 343 } 344 345 /** 346 * NCQFrame is the same as a Register H2D FIS (described in SATA 3.2), 347 * but some fields have been re-mapped and re-purposed, as seen in 348 * SATA 3.2 section 13.6.4.1 ("READ FPDMA QUEUED") 349 * 350 * cmd_fis[3], feature 7:0, becomes sector count 7:0. 351 * cmd_fis[7], device 7:0, uses bit 7 as the Force Unit Access bit. 352 * cmd_fis[11], feature 15:8, becomes sector count 15:8. 353 * cmd_fis[12], count 7:0, becomes the NCQ TAG (7:3) and RARC bit (0) 354 * cmd_fis[13], count 15:8, becomes the priority value (7:6) 355 * bytes 16-19 become an le32 "auxiliary" field. 356 */ 357 typedef struct NCQFrame { 358 uint8_t fis_type; 359 uint8_t c; 360 uint8_t command; 361 uint8_t sector_count_low; /* (feature 7:0) */ 362 uint8_t lba0; 363 uint8_t lba1; 364 uint8_t lba2; 365 uint8_t fua; /* (device 7:0) */ 366 uint8_t lba3; 367 uint8_t lba4; 368 uint8_t lba5; 369 uint8_t sector_count_high; /* (feature 15:8) */ 370 uint8_t tag; /* (count 0:7) */ 371 uint8_t prio; /* (count 15:8) */ 372 uint8_t icc; 373 uint8_t control; 374 uint8_t aux0; 375 uint8_t aux1; 376 uint8_t aux2; 377 uint8_t aux3; 378 } QEMU_PACKED NCQFrame; 379 380 typedef struct SDBFIS { 381 uint8_t type; 382 uint8_t flags; 383 uint8_t status; 384 uint8_t error; 385 uint32_t payload; 386 } QEMU_PACKED SDBFIS; 387 388 void ahci_realize(AHCIState *s, DeviceState *qdev, AddressSpace *as, int ports); 389 void ahci_init(AHCIState *s, DeviceState *qdev); 390 void ahci_uninit(AHCIState *s); 391 392 void ahci_reset(AHCIState *s); 393 394 #endif /* HW_IDE_AHCI_INTERNAL_H */ 395